package com.softvan.web.controller;

import javax.annotation.security.RolesAllowed;

import lombok.extern.slf4j.Slf4j;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.alibaba.fastjson.JSON;
import com.softvan.bean.Person;

@RestController
@Slf4j
public class PersonController {
    
    @RequestMapping("/role")
    @RolesAllowed("ADMIN")
    public String roleAllow() {
        
        return "roleAllow";
    }
    
    @RequestMapping(value = "/search")
    @PreAuthorize("hasAuthority('ADMIN')")
    public Person search(String personName) {
        UserDetails userDetails = (UserDetails) SecurityContextHolder.getContext()
                .getAuthentication()
                .getPrincipal();
        log.warn("userDetails:{}", JSON.toJSONString(userDetails));
        return new Person(personName, 32, "hefei");

    }
}
